[coreboot] SPI controller and Lock bits

Peter Stuge peter at stuge.se
Fri Sep 28 01:30:14 CEST 2018


Youness Alaoui wrote:
> avoid any malware writing to the flash

Just disallow flash writes by the platform. Allow flash writes only
by dedicated hardware (maybe ChromeEC?) which implements a simple and
efficient security protocol.

Looking for a software solution is IMO like Intel trying to secure SMM.


//Peter


